GuildBankLedger

v0.32.3 (2026-05-12)

Full Changelog Previous Releases

• Merge pull request #24 from katogaming88/hotfix/chat-filter-instance-guard
  Fix ChatFilters crash from secret NPC sender in instanced content (v0.32.3)
• Add chatFrameFilter tests and full instance-type coverage (v0.32.3)
  chatFrameFilter (file-local upvalue registered against
  ChatFrame_AddMessageEventFilter for MONSTER_SAY/YELL/EMOTE) had zero
  spec coverage. It is the busier of the two firing paths and the only
  path for MONSTER_EMOTE. Reach it via the captured filter list at
  MockWoW.chatMessageFilters and add five cases: open-world suppress,
  toggle off, non-string sender (secret-key regression at the filter
  entry point), every non-"none" instance type, and EMOTE registration
  plus guard.
  Convert the _OnAmbientMonsterChat instance-guard block to table-driven
  form covering all five non-"none" instance types (party, raid, pvp,
  arena, scenario) so a future refactor to a narrower check cannot
  silently regress PvP, arena, or scenario behavior.
  Tests only. No production or mock changes. Still v0.32.3.
  Co-Authored-By: Claude Opus 4.7 (1M context) noreply@anthropic.com
• Fix ChatFilters crash from secret NPC sender in instanced content (v0.32.3)
  Blizzard marks NPC sender values as "secret" in M+/raid/pvp/arena
  instances, causing a Lua error when the name was used as a table key in
  _IsMutedAmbientNPC. The guild bank doesn't exist in instanced content
  so the filter has no purpose there — bail out of both event handlers
  immediately on any non-"none" instance type. Also tighten the sender
  guard from nil-check to type() == "string" as a second layer of defence.
  Regression tests added for non-string sender rejection and the instance
  guard (open world / party / raid) via a new IsInInstance mock.
  Co-Authored-By: Claude Sonnet 4.6 noreply@anthropic.com
• Merge pull request #22 from RussellFeinstein/chore/description-sync-comment-visibility
  Surface CurseForge description-sync advisory in PR conversation (fork-PR safe)
• Surface CurseForge description-sync advisory in PR conversation (fork-PR safe)
  The existing curseforge-description-sync workflow shipped in PR #20 emits
  warning and notice annotations, but these are practically invisible
  from the PR Conversation tab. Reviewers had to click through Actions to
  notice them. The notice path was especially weak because it lacked a
  file= reference, so it surfaced only in the workflow run page's
  Annotations section.
  This change adds a sticky-comment lifecycle in the PR Conversation tab so
  the advisory is discoverable from the PR home page, and tightens the
  workflow's transport so the comment posts correctly on fork PRs as well
  as same-repo branches.
  Three-state sticky-comment lifecycle (shared header marker
  "curseforge-description-sync"):
  • out_of_sync: feature-surface files changed without touching the
    description file. Sticky comment says "the CurseForge description may
    need updating" and lists the triggering files.
  • in_sync: description file was updated (alongside feature-surface
    changes, or on its own). Sticky comment updates in place to the
    post-merge paste reminder, since pasting the file's content into the
    CurseForge web UI Manage > Description is a manual step (no API
    exists and BigWigsMods/packager#187 has not landed).
  • none: PR touches neither the description nor any feature-surface
    file. Sticky comment is deleted.
    Trigger event moves from pull_request to pull_request_target so the
    workflow's GITHUB_TOKEN has pull-requests:write on fork PRs (the
    standard pull_request event gives forks read-only token regardless of
    the permissions: block).
    Diff source moves from "git diff --name-only" (which would have failed
    under pull_request_target because the default checkout doesn't fetch
    the PR head SHA) to "gh api repos/.../pulls/N/files" via the REST API.
    This also drops actions/checkout@v4 from the workflow entirely; no
    fork code ever lands on the runner.
    Defensive measures:
  • Top-of-file SECURITY comment block enumerates what the workflow must
    never do (check out PR head, read/cat/source/bash fork files,
    install or execute PR-side code, interpolate attacker-controlled
    github.event.pull_request.* fields into shell). Documents the
    pull_request_target boundary for future-self.
  • concurrency: { group: per-PR, cancel-in-progress: true } so two
    pushes in quick succession don't race on the comment API.
  • continue-on-error: true on all three sticky steps so the workflow
    stays advisory; a comment-post failure (rate limit, transient 5xx)
    does not red-X the check.
  • The bash diff step now sets state via three exclusive branches
    (out_of_sync / in_sync / none) and emits multi-line
    triggers_list_markdown via the documented $GITHUB_OUTPUT heredoc form.
  • Notice annotation now includes file=docs/CURSEFORGE-DESCRIPTION.md so
    it lands inline on the Files Changed tab alongside the warning.
    Verification: the new workflow cannot run on this PR itself because
    pull_request_target uses the workflow file from the base branch, not
    the PR branch. The PR's own checks will execute the prior workflow
    (which uses pull_request and git diff). Post-merge verification has to
    happen on a follow-up throwaway PR; the steps are documented in the
    plan file.
    Workflow file only. No version bump (no addon code, no .toc, no README
    touched).
    Co-Authored-By: Claude Opus 4.7 (1M context) noreply@anthropic.com